430 likes | 938 Views
Intel Virtualization Technology: Strategy And Evolution. Lorie Wigle Director: Server Marketing Digital Enterprise Group Rajesh Sankaran Principal Engineer Corporate Technology Group. Agenda. Server Virtualization: Evolution from mainframes to x86 platforms The trajectory of virtualization
E N D
Intel Virtualization Technology:Strategy And Evolution Lorie WigleDirector: Server MarketingDigital Enterprise Group Rajesh SankaranPrincipal Engineer Corporate Technology Group
Agenda • Server Virtualization: Evolution from mainframes to x86 platforms • The trajectory of virtualization • Virtualization usage models • RAS, performance and ecosystem enabling: The Intel value • Intel Virtualization Technology (VT) Roadmap • Challenges for SW - only virtual machine monitors (VMMs) • VT-x: Intel Virtualization Technology for IA-32 Processors • VT-d: Intel Virtualization Technology for Directed I/O • Summary and Questions
Virtualization Awareness Today* • 75% of enterprises aware of virtualization • 34% Implementing virtualization by mid 2006 • Very large biz at 46%; SMB at 25%! • North America leading; Other GEO’s right behind! • 60% increasing virtualization in next 12 months! * Forrester 2-22-06 Server Virtualization Goes Mainstream; 1221 end user quant study
Virtualized x86 Server Market Overview* Integrated Hypervisors in Volume OS’s • 80% of customers using virtualization do so for consolidation • Virtualized server market growing from 4.5% today to >12% of all servers in 2009 • Growing from 276K in 2005 to 1.1M units in 2009 (51% CAGR) • Feedback from the market: Aggressive projections for 2005; conservative for 2009 Virtualization: Significant growth due to compelling value *Source: IDC WW Virtualization Forecast Aug-2005
VM1 VM1 VMn VMn … … VMM HWn HW0 App App App App App App HW OS OS OS OS OS OS Today’s UsesVirtualization addresses today’s IT concerns Server Consolidation Test and Development VM1 VMM HW 10:1 in many cases Enables rapid deployment
Goal: True “Lights Out” Datacenter Instantaneous failover Dynamic load balancing Autonomics Self healing VMn VMn … … HWn App App App App App App App App OS OS OS OS OS OS OS OS Emerging Usage Models Dynamic Load Balancing Disaster Recovery VM1 VM1 VM1 VM1 VMn VMn … … VMM VMM VMM HW0 HWn HW HW0
“Choose the right basket” A Better Platform For Virtualization • First to Market And Massive Ecosystem Support • Choice: Broadest virtualization software support in the industry • Robust: First x86 hardware assisted virtualization technology (Intel VT) • Innovation: Common specification = enhanced virtualization on x86 and will set the standard • Flexibility: Leverage Intel Xeon processor-based servers widely deployed infrastructure for advanced failover and dynamic load balancing • Better Platform Reliability • Critical for more applications on the same server • More reliability features • Proven Platform Architecture - almost 40X more IA based servers than other x86 based servers since 1996 • Performance Headroom • Intel Xeon processors have key performance features for virtualization: Dual-core, hyper-threading, I/O, memory, and larger caches 1 – source: Q4’05 IDC server Tracker, 1996-2005 total system shipped Whitepaper on Virtualization benefits: http://www.intel.com/business/bss/products/server/virtualization_wp.pdf
A More Reliable ServerUnique Intel x86 Reliability Features Intel Xeon processor Based Servers Other x86 Based Servers Description Benefit Feature Memory ECC Data Integrity & Availability Detects & corrects single-bit errors Enhanced Memory ECC Data Integrity & Availability Retry double-bit errors vs. standard memory ECC that does single-bit errors only Address & command transmissions are automatically retried if a transient error occurs vs. the potential of silent data corruption Memory CRC (FBD) Continued Operation & Availability Predicts a “failing” DIMM & copies the data to a spare memory DIMM , maintaining server available & uptime Memory Sparing Data Availability Data is written to 2 locations in system memory so that if a DRAM device fails, mirrored memory enables continued operation and data availability Memory Mirroring Data Protection Symmetric Access to all CPUs Server Continuity Enables a system to restart and operate if the primary processor fails A Better Business Foundation Less Downtime, Higher Service Availability and Improved Confidence Enabled by a combination of processor, chipset and platform memory technologies. Data as of March 6, 2006
Introducing: New Dual - Core Intel Xeon Processor - based Servers • What’s New? • Lower Power 64-bit Dual-Core Processors • Hardware assisted virtualization (VT) • New dual independent point-to-point bus • Fully Buffered DDR2 DIMM Memory (FBD) • Intel I/O Acceleration Technology (option) • Embedded RAID technology (option) • Intel Core Micro-architecture (Q3’06) • Quad-Core support (1H’07) • PLUS • 64 bit computing (standard since 2004) • PCI Express* (standard since 2004) • Intel Execute Disable Bit (standard since 2005) • Intel Software Optimization Tools (option) • Intel Power Efficiency Tools (option) Advancing All Areas of The System Together For Outstanding Business Value Intel I/O Acceleration Technology, Intel Active Server Manager, Intel Power Toolkit and Intel xScale™ storage controllers are advanced innovation that are options on select OEM systems. Contact your preferred OEM for more details
Intel Virtualization Technology (VT) Provides silicon-based functionality that works togetherwith compatible VMM software to provide new capabilities • Enables richer software capabilities • 64-bit guest OS support in virtualized environment • Support for unmodified, heterogeneous guest operating systems to run on new VMM’s • Intel is working with the industry • Common virtualization standards from client to servers • Broad availability of both client and server platforms since November 2005 for accelerated software development • Endorsements and beta SW available from multiple vendors • Support for VT in Microsoft Virtual Server 2005 R2 SP1
Driving Virtualization Momentum • Providing a balanced server platform solution that delivers CPU, memory, I/O and advanced technology support for the datacenter • Supplying the most reliable, thoroughly validated and widely deployed server platforms available in the market • Working with the industry to build a vibrant ecosystem and build solutions that relieve the pressure on IT Other brands and names are the property of their respective owners. Source: Intel Corporation, 4/05, statistics based on Fortune* Global 100 ranking of largest companies published in 2004. WorldWide IDC Server Tracker - Q3’05
IA System Virtualization Today VirtualMachines Virtual Machine Monitor (VMM) BinaryTranslation Paravirtualization Page-tableShadowing IO-DeviceEmulation InterruptVirtualization DMA Remap LogicalProcessors I/O Devices Physical Memory IA-based System Virtualization Today Requires Frequent VMM Software Intervention
IA Virtualization TodaySummary Of Challenges • Complexity • CPU virtualization requires binary translation or paravirtualization • Must emulate I/O devices in software • Functionality • Paravirtualization may limit supported guest OSes • Guest OSes “see” only simulated platform and I/O devices • Reliability and Security • I/O device drivers run as part of host OS or hypervisor • No protection from errant DMA that can corrupt memory • Performance • Overheads of address translation in software • Extra memory required (e.g., translated code, shadow tables)
PCI-SIG Standards for IO-device sharing: • Multi-Context I/O Devices • Endpoint Address Translation Caching • Under definition in the PCI-SIG* IOVWG Hardware support for IO-device virtualization Device DMA remapping Direct assignment of I/O devices to VMs Interrupt Routing and Remapping Establish foundation for virtualization in the IA-32 and Itanium architectures… … followed by on-going evolution of support: Micro-architectural (e.g., lower VM switch times) Architectural (e.g., Extended Page Tables) Increasingly better CPU and I/O virtualization performance and functionality as I/O devices and VMMs exploit infrastructure provided by VT-x, VT-i, VT-d VT-d VT-x VT-i Intel Virtualization Technology Evolution Vector 3:I/O Focus Vector 2:Platform Focus Vector 1:Processor Focus VMMSoftware Evolution Software-only VMMs Binary translation Paravirtualization Simpler and more Secure VMM through foundation of virtualizable ISAs PastNo HardwareSupport Today VMM software evolution over time with hardware support *Other names and brands may be claimed as the property of others
VT-x Overview:Intel Virtualization Technology For IA-32 Processors
Two new VT-x operating modes Less-privileged mode(VMX non-root) for guest OSes More-privileged mode(VMX root) for VMM Two new transitions VM entry to non-root operation VM exit to root operation VM Exit VM Entry CPU Virtualization With VT-x Virtual Machines (VMs) Apps Apps Ring 3 OS OS Ring 0 VMXRoot VM Monitor (VMM) • Execution controls determine when exits occur • Access to privilege state, occurrence of exceptions, etc. • Flexibility provided to minimize unwanted exits • VM Control Structure (VMCS) controls VT-x operation • Also holds guest and host state
Extended Page Tables (EPT) • A VMM must protect host physical memory • Multiple guest operating systems share the same host physical memory • VMM typically implements protections through “page-table shadowing” in software • Page-table shadowing accounts for a large portion of virtualization overheads • VM exits due to: #PF, INVLPG, MOV CR3 Goal of EPT is to reduce these overheads
CR3 EPT Base Pointer (EPTP) Host Physical Address Guest IA-32 Page Tables Extended Page Tables Guest Physical Address Guest Linear Address What Is EPT? • Extended Page Table • A new page-table structure, under the control of the VMM • Defines mapping between guest- and host-physical addresses • EPT base pointer (new VMCS field) points to the EPT page tables • EPT (optionally) activated on VM entry, deactivated on VM exit • Guest has full control over its own IA-32 page tables • No VM exits due to guest page faults, INVLPG, or CR3 changes
EPT Translation: Details • All guest-physical memory addresses go through EPT tables • (CR3, PDE, PTE, etc.) • Above example is for 2-level table for 32-bit address space • Translation possible for other page-table formats (e.g., PAE)
VT-d Overview:Intel Virtualization TechnologyFor Directed I/O
Monolithic Model Service VM Model Pass-through Model Guest VMs Service VMs VMn VM0 VMn VM0 VMn I/O Services Guest OS and Apps Guest OS and Apps Guest OS and Apps Guest OS and Apps VM0 DeviceDrivers DeviceDrivers Device Drivers Guest OS and Apps Hypervisor I/O Services Device Drivers Hypervisor Hypervisor AssignedDevices SharedDevices SharedDevices Pro: Highest Performance Pro: Smaller Hypervisor Pro: Device assisted sharing Con: Migration Challenges Pro: High Security Pro: I/O Device Sharing Pro: VM Migration Con: Lower Performance Options For I/O Virtualization Pro: Higher Performance Pro: I/O Device Sharing Pro: VM Migration Con: Larger Hypervisor VT-d Goal: Support all Models
CPU CPU System Bus North Bridge DRAM VT-d Integrated Devices PCIe* Root Ports PCI Express South Bridge PCI, LPC, Legacy devices, … VT-d Overview • VT-d is platform infrastructure for I/O virtualization • Defines architecture for DMA remapping • Implemented as part of platform core logic • Will be supported broadly in Intel server and client chipsets
VT-d Usage • Basic infrastructure for I/O virtualization • Enable direct assignment of I/O devices to unmodified or paravirtualized VMs • Improves system reliability • Contain and report errant DMA to software • Enhances security • Support multiple protection domains under SW control • Provide foundation for building trusted I/O capabilities • Other usages • Generic facility for DMA scatter/gather • Overcome addressability limitations on legacy devices
Dev 31, Func 7 Dev P, Func 2 Dev P, Func 1 Page Frame Dev 0, Func 0 Fault Generation Bus 255 4KB Page Tables Bus N Address Translation Structures Device Assignment Structures Device D1 Bus 0 Translation Cache Device D2 Address Translation Structures Context Cache Memory-resident Partitioning And Translation Structures VT-d Architecture Detail DMA Requests Device ID Virtual Address … Length DMA Remapping Engine Memory Access with System Physical Address
127 64 Rsvd Domain ID Rsvd Address Width 63 0 Address Space Root Pointer Rsvd Ext. Controls Controls P 63 0 Rsvd Page-Frame / Page-Table Address Available SP Rsvd Ext. Controls W R VT-d: Remapping Structures • VT-d hardware selects page-table based on source of DMA request • Requestor ID (bus / device / function) in request identifies DMA source VT-d Device Assignment Entry • VT-d supports hierarchical page tables for address translation • Page directories and page tables are 4 KB in size • 4KB base page size with support for larger page sizes • Support for DMA snoop control through page table entries • VT-d Page Table Entry
Requestor ID DMA Virtual Address 15 8 7 3 2 0 63 57 56 48 47 39 38 30 29 21 20 12 11 0 Level-4 table offset Level-3 table offset Level-2 table offset Level-1 table offset Bus Device Func 000000000b Page Offset Base Page DeviceAssignmentTables Level-4 Page Table Level-3 Page Table Level-2 Page Table Example Device Assignment Table Entry specifying 4-level page table Level-1 Page Table VT-d: Hardware Page Walk 000000b
VT-d: Translation Caching • Architecture supports caching of remapping structures • Context Cache: Caches frequently used device-assignment entries • IOTLB: Caches frequently used translations (results of page walk) • Non-leaf Cache: Caches frequently used page-directory entries • When updating VT-d translation structures, software enforces consistency of these caches • Architecture supports global, domain-selective, and page-range invalidations of these caches • Primary invalidation interface through MMIO registers for synchronous invalidations • Extended invalidation interface for queued invalidations
VT-d: Extended Features • PCI Express protocol extensions being defined by PCISIG for Address Translation Services (ATS) • Enables scaling of translation caches to devices • Devices may request translations from root complex and cache • Protocol extensions to invalidate translation caches on devices • VT-d extended capabilities • Enables VMM software to control device participation in ATS • Returns translations for valid ATS translation requests • Supports ATS invalidations • Provides capability to isolate, remap and route interrupts to VMs • Support device-specific demand paging by ATS capable devices VT-d Extended features utilize PCI Express enhancements being pursued within the PCI-SIG
VT-d BinaryTranslation Paravirtualization Page-tableShadowing IO-DeviceEmulation InterruptVirtualization DMA Remap VT-x Hardware VirtualizationMechanisms under VMM Control VT-x & VT-d Working Together VirtualMachines Virtual Machine Monitor (VMM) LogicalProcessors I/O Devices Physical Memory
How Intel Virtualization TechnologyAddress Virtualization Challenges • Reduced Complexity • VT-x removes need for binary translation / paravirtualization • Can avoid I/O emulation for direct-mapped I/O devices • Improved Functionality • 64-bit guest OS support, remove limitations of paravirtualization • Can grant Guest OS direct access to modern physical I/O devices • Enhanced Reliability and Protection • Simplified VMM reduces “trusted computing base” (TCB) • DMA errors logged and reported to software • Improved Performance • Hardware support reduces address-translation overheads • No need for shadow page tables (saves memory)
Delivering Intel VT • Established Intel Virtualization Technology Specifications for Intel based platforms • For the IA-32 Intel Architecture (Jan 2005) VT-x • For the Intel Itanium Architecture (Jan 2005) VT-i • For Directed I/O Architecture (March 2006) VT-d • See http://www.intel.com/technology/computing/vptech/ • Shipping Intel based platforms enabled with Intel VT • VT-x: Desktop in 2005, Mobile platforms and Intel Xeon processor based servers and workstations in 2006 • VT-i: Later in 2006, Intel Itanium processor based servers • VT-d: Intel is enabling VMM vendors with VT-d silicon in 2006
Summary And Questions • Key challenges to IA system virtualization • Complexity, Performance, Reliability, Functionality • Intel Virtualization Technology (VT) • A long-term, comprehensive roadmap designed to address virtualization challenges • Support for CPU and I/O virtualization • Strong ecosystem support
Call To Action • Download the Intel VT-x, VT-i and VT-d specifications • Available at http://www.intel.com/technology/computing/vptech/ • Begin developing solutions on VT enabled hardware • Monitor the PCI-SIG for the latest on I/O Device virtualization standards